One of the training classes with high attendance at the Paraben Forensic Innovations Conference this week in Park City, Utah, was the Apple iOS Forensics Bootcamp. Apple's iOS is the operating system that powers the Apple iPhone, iPod Touch, the iPad, and the Apple iTV device. With the exploding popularity of these devices (well, except for the iTV), law enforcement, corporate investigators, and other forensic professionals are looking to learn more about this platform.

The iOS Forensics Bootcamp was instructed by Ben Lemere of Basis Technologies. Lemere has worked in forensics for the Feds and the private sector. The focus of the bootcamp was mostly on iPhone forensics, although many of the principles apply to the other devices. Ben uses an excellent tool for conducting iOS forensic analysis, and provided

Our focus this week, albeit loosely, is on Incident Response. There has been much news of late regarding the Stuxnet malware, and a couple of the more interesting perspectives are linked in the "Good Reads" section below. As forensicators and incident responders, the advent of such "weapons-grade" malware raises the stakes significantly, and we have to step up our game to match. Memory forensics becomes far more crucial when dealing with advanced threats, and Mandiant offers some help in this area with an update to their Memoryze tool. But our ability to learn from the incidents we investigate and share that information also becomes vastly more important. To help us in this area, Verizon has provided their VERIS Framework, which is a tool for gathering metrics from incident investigations so that we can begin to share and learn from the breaches that inevitably occur. The VERIS Framework isn't all that new, but deserves more attention. So read on for these and other interesting

"Rob Lee's enthusiasm method of delivery made the class excellent and a great environment to learn. He knows his stuff, without a doubt." - Tim Moniot, Las Vegas Metro P.D.

"A great course on timeline, registry, and restore point forensics. SANS is continuing to be the leader on teaching new techniques happening with forensics." - Brad Garnett, Gibson County Sheriff's Dept.